The Java Authentication and Authorization Service API can certainly be used to implement single sign-on functionality. The correct answer to a question about whether this API supports single sign-on functionality is yes.

Steven Colley
Ranch Hand

Joined: Feb 18, 2005
Posts: 290

posted May 06, 2008 18:47:00

0

OK, tks James!!

Farbod H Foomany
Ranch Hand

Joined: Feb 29, 2008
Posts: 63

posted May 07, 2008 00:47:00

0

Hi, I agree with both YES and NO I am not sure SSO is an out of the box option. but 'supports' ? yes it supports. Look at so many products that have implemented SSO, oracle JSSO for example and identity management. It seems that SSO is not a requirement for JEE compatible application server. But easy to implement using Krb5LoginModule. SAML facilitates SSO for web services. SSO's Kerberos tokens are a bit different from SAML tokens. Regards Farbod

P.S. I was thinking to myself if I were supposed to go to heaven or hell based on this answer, which one I would choose. I think I would linger there forever! [ May 07, 2008: Message edited by: Farbod H Foomany ]

Steven Colley
Ranch Hand

Joined: Feb 18, 2005
Posts: 290

posted May 07, 2008 05:35:00

0

Originally posted by Farbod H Foomany: [QB]Hi, I agree with both YES and NO I am not sure SSO is an out of the box option. but 'supports' ? yes it supports. Look at so many products that have implemented SSO, oracle JSSO for example and identity management. It seems that SSO is not a requirement for JEE compatible application server. But easy to implement using Krb5LoginModule. SAML facilitates SSO for web services. SSO's Kerberos tokens are a bit different from SAML tokens. Regards Farbod

No..that's fine Farbod..

It makes sense! In short then :

JAAS DOES support SSO. SSO easy to be implemented by JAAS using kerberos. SAML = SSO for web services. SSO is not a requirement for JEE compatible application server.